noodleseed-cli 0.1.4

package/node_modules/@noodle-borg/transport-http/dist/examples/serve-demo.js

@@ -0,0 +1,129 @@
+/**
+ * Runnable end-to-end demo: compile a manifest, wire a **real, authenticated** HTTP connector across
+ * **two** hosts, and serve it as a remote MCP server over Streamable HTTP. Build the package, then run:
+ *
+ *   node packages/transport-http/dist/examples/serve-demo.js
+ *
+ * Point an MCP client (e.g. the MCP Inspector) at the printed URL, or use the sample curl below. The
+ * `derive_and_enrich` tool runs a **synchronous flow** that chains two authenticated POSTs:
+ *   1. POST https://httpbin.org/anything   with `Authorization: Bearer …`   (host 1)
+ *   2. POST https://httpbingo.org/anything with `X-API-Key: …`              (host 2), using step 1's result
+ * Both endpoints echo the request back, so the response visibly proves the auth headers and bodies were
+ * actually sent — a real authenticated, multi-host, multi-step tool call over MCP.
+ */
+import { compile, InMemoryCatalog, } from '@noodle-borg/compiler';
+import { HttpConnector } from '@noodle-borg/connector-http';
+import { InMemoryConnectorRegistry, } from '@noodle-borg/runtime';
+import { serveHttp } from '../index.js';
+const MANIFEST = `
+manifestVersion: "0.2"
+server:
+  name: demo_chain
+  version: 1.0.0
+  title: Demo Chain
+connectors:
+  echo:
+    id: httpecho
+    version: 1.0.0
+tools:
+  - name: derive_and_enrich
+    description: Create a derived token via an authenticated POST, then enrich it via a second authenticated POST on another host.
+    inputSchema:
+      type: object
+      properties:
+        label:
+          type: string
+      required:
+        - label
+      additionalProperties: false
+    fulfilment:
+      steps:
+        - id: create
+          use: echo.create
+          args:
+            label: \${input.label}
+        - id: enrich
+          use: echo.enrich
+          args:
+            derived: \${steps.create.token}
+      output:
+        created: \${steps.create.token}
+        enriched: \${steps.enrich.derived}
+`;
+const createSig = {
+    type: 'action',
+    input: { label: { type: 'string', required: true } },
+    output: { token: { type: 'string' } },
+};
+const enrichSig = {
+    type: 'action',
+    input: { derived: { type: 'string', required: true } },
+    output: { derived: { type: 'string' } },
+};
+const httpecho = {
+    id: 'httpecho',
+    version: '1.0.0',
+    kind: 'catalog',
+    operations: { create: createSig, enrich: enrichSig },
+};
+function deps() {
+    const connector = new HttpConnector({
+        id: 'httpecho',
+        version: '1.0.0',
+        baseUrl: 'https://httpbin.org',
+        // Egress allowlist: the connector may only reach these two declared hosts.
+        allowedOrigins: ['https://httpbin.org', 'https://httpbingo.org'],
+        operations: {
+            create: {
+                method: 'POST',
+                path: '/anything',
+                auth: { kind: 'bearer' },
+                body: (args) => ({ label: args.label }),
+                signature: createSig,
+                mapResponse: (json) => ({ token: json.json.label }),
+            },
+            enrich: {
+                method: 'POST',
+                path: '/anything',
+                baseUrl: 'https://httpbingo.org', // a second declared host
+                auth: { kind: 'apiKey', header: 'X-API-Key' },
+                body: (args) => ({ derived: args.derived }),
+                signature: enrichSig,
+                mapResponse: (json) => ({ derived: json.json.derived }),
+            },
+        },
+    });
+    // A broker that mints a different downstream credential per operation. This is the seam where a real
+    // broker would fetch a per-host API key from a secret store — secrets never live in the manifest.
+    const broker = {
+        getCredential(request) {
+            const token = request.operation === 'create' ? 'demo-bearer-key-host1' : 'demo-api-key-host2';
+            return Promise.resolve({ token });
+        },
+    };
+    return { connectors: new InMemoryConnectorRegistry([connector]), broker };
+}
+async function main() {
+    const result = compile(MANIFEST, { catalog: new InMemoryCatalog([httpecho]) });
+    if (!result.ok) {
+        console.error('manifest failed to compile:', result.errors);
+        process.exit(1);
+    }
+    const target = { artifact: result.artifact, deps: deps() };
+    const port = Number(process.env.PORT ?? 8765);
+    const running = await serveHttp({ target, port });
+    const accept = 'application/json, text/event-stream';
+    console.log(`Noodle Borg MCP server (remote, Streamable HTTP) listening at ${running.url}`);
+    console.log('Initialize:');
+    console.log(`  curl -s ${running.url} -H 'content-type: application/json' -H 'accept: ${accept}' ` +
+        `-d '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{"protocolVersion":"2025-11-25"}}'`);
+    console.log('Call derive_and_enrich (runs an authenticated two-host flow over MCP):');
+    console.log(`  curl -s ${running.url} -H 'content-type: application/json' -H 'accept: ${accept}' ` +
+        `-H 'mcp-protocol-version: 2025-11-25' ` +
+        `-d '{"jsonrpc":"2.0","id":2,"method":"tools/call","params":{"name":"derive_and_enrich","arguments":{"label":"hello"}}}'`);
+}
+main().catch((error) => {
+    console.error(error);
+    process.exit(1);
+});
+//# sourceMappingURL=serve-demo.js.map

package/node_modules/@noodle-borg/transport-http/dist/examples/serve-demo.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"serve-demo.js","sourceRoot":"","sources":["../../src/examples/serve-demo.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AACH,OAAO,EAEL,OAAO,EACP,eAAe,GAEhB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAE5D,OAAO,EAKL,yBAAyB,GAC1B,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAExC,MAAM,QAAQ,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAkChB,CAAC;AAEF,MAAM,SAAS,GAAuB;IACpC,IAAI,EAAE,QAAQ;IACd,KAAK,EAAE,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAE;IACpD,MAAM,EAAE,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE;CACtC,CAAC;AACF,MAAM,SAAS,GAAuB;IACpC,IAAI,EAAE,QAAQ;IACd,KAAK,EAAE,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAE;IACtD,MAAM,EAAE,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE;CACxC,CAAC;AAEF,MAAM,QAAQ,GAAqB;IACjC,EAAE,EAAE,UAAU;IACd,OAAO,EAAE,OAAO;IAChB,IAAI,EAAE,SAAS;IACf,UAAU,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE;CACrD,CAAC;AAEF,SAAS,IAAI;IACX,MAAM,SAAS,GAAG,IAAI,aAAa,CAAC;QAClC,EAAE,EAAE,UAAU;QACd,OAAO,EAAE,OAAO;QAChB,OAAO,EAAE,qBAAqB;QAC9B,2EAA2E;QAC3E,cAAc,EAAE,CAAC,qBAAqB,EAAE,uBAAuB,CAAC;QAChE,UAAU,EAAE;YACV,MAAM,EAAE;gBACN,MAAM,EAAE,MAAM;gBACd,IAAI,EAAE,WAAW;gBACjB,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;gBACxB,IAAI,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC;gBACvC,SAAS,EAAE,SAAS;gBACpB,WAAW,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,EAAE,KAAK,EAAG,IAAoC,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;aACrF;YACD,MAAM,EAAE;gBACN,MAAM,EAAE,MAAM;gBACd,IAAI,EAAE,WAAW;gBACjB,OAAO,EAAE,uBAAuB,EAAE,yBAAyB;gBAC3D,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE;gBAC7C,IAAI,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,CAAC;gBAC3C,SAAS,EAAE,SAAS;gBACpB,WAAW,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,EAAE,OAAO,EAAG,IAAsC,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;aAC3F;SACF;KACF,CAAC,CAAC;IAEH,qGAAqG;IACrG,kGAAkG;IAClG,MAAM,MAAM,GAAqB;QAC/B,aAAa,CAAC,OAA0B;YACtC,MAAM,KAAK,GAAG,OAAO,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,uBAAuB,CAAC,CAAC,CAAC,oBAAoB,CAAC;YAC9F,OAAO,OAAO,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;QACpC,CAAC;KACF,CAAC;IAEF,OAAO,EAAE,UAAU,EAAE,IAAI,yBAAyB,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC;AAC5E,CAAC;AAED,KAAK,UAAU,IAAI;IACjB,MAAM,MAAM,GAAG,OAAO,CAAC,QAAQ,EAAE,EAAE,OAAO,EAAE,IAAI,eAAe,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,CAAC;IAC/E,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,6BAA6B,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;QAC5D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,MAAM,GAAmB,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,CAAC;IAC3E,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,IAAI,CAAC,CAAC;IAC9C,MAAM,OAAO,GAAG,MAAM,SAAS,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;IAElD,MAAM,MAAM,GAAG,qCAAqC,CAAC;IACrD,OAAO,CAAC,GAAG,CAAC,iEAAiE,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;IAC5F,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;IAC3B,OAAO,CAAC,GAAG,CACT,aAAa,OAAO,CAAC,GAAG,oDAAoD,MAAM,IAAI;QACpF,+FAA+F,CAClG,CAAC;IACF,OAAO,CAAC,GAAG,CAAC,wEAAwE,CAAC,CAAC;IACtF,OAAO,CAAC,GAAG,CACT,aAAa,OAAO,CAAC,GAAG,oDAAoD,MAAM,IAAI;QACpF,wCAAwC;QACxC,yHAAyH,CAC5H,CAAC;AACJ,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;IACrB,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IACrB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/node_modules/@noodle-borg/transport-http/dist/front-door.d.ts

@@ -0,0 +1,46 @@
+import type { IncomingMessage, ServerResponse } from 'node:http';
+/**
+ * In-app HTTPS posture for a TLS-**proxy-terminated** deployment (Slice 28, ADR 0033). The runtime itself
+ * always speaks plain HTTP behind a trusted reverse proxy (it never handles certs); this module enforces
+ * the *client*-facing HTTPS expectation and emits baseline security headers. The actual cert / DNS / load
+ * balancer is an out-of-repo hosting decision.
+ */
+export interface TlsPosture {
+    /**
+     * Trust `X-Forwarded-Proto` / RFC 7239 `Forwarded` from the fronting proxy. Default `false` (direct /
+     * localhost), in which case forwarded headers are **ignored** so a direct client cannot spoof `https`.
+     * Enable **only** behind a trusted proxy that strips client-supplied copies of these headers.
+     */
+    readonly trustProxy?: boolean;
+    /** Reject a request the proxy marks as plaintext `http` with `426`. Default: on when `trustProxy`. */
+    readonly requireHttps?: boolean;
+    /**
+     * Emit `Strict-Transport-Security`. Default: on when `trustProxy`. `maxAge` default 2y,
+     * `includeSubDomains` default true, `preload` default **false** (preload is hard to reverse — opt in).
+     */
+    readonly hsts?: boolean | {
+        maxAgeSeconds?: number;
+        includeSubDomains?: boolean;
+        preload?: boolean;
+    };
+}
+/**
+ * The effective client-facing scheme. With `trustProxy`, read `X-Forwarded-Proto` (first hop) or RFC 7239
+ * `Forwarded: proto=`; otherwise the forwarded headers are ignored and the scheme is `http` (the runtime's
+ * own socket). A trusted proxy that omits the header is treated as `http` (fail safe → enforcement fires).
+ */
+export declare function effectiveProto(req: IncomingMessage, trustProxy: boolean): 'http' | 'https';
+/**
+ * Enforce the HTTPS posture. When `requireHttps` (default = `trustProxy`) and the effective scheme is
+ * plaintext `http`, write a `426 Upgrade Required` (with an `Upgrade` header + transport-level JSON-RPC
+ * error) and return `true` (request handled). Otherwise return `false`.
+ */
+export declare function enforceHttps(req: IncomingMessage, res: ServerResponse, posture: TlsPosture): boolean;
+/**
+ * Host-agnostic baseline security headers for every response (set via `setHeader`, before the body is
+ * written, so they ride along with whatever status follows): `X-Content-Type-Options: nosniff`,
+ * `Referrer-Policy: no-referrer`, `Cache-Control: no-store` (responses carry tokens/JSON), and
+ * `Strict-Transport-Security` when the posture calls for it.
+ */
+export declare function applySecurityHeaders(res: ServerResponse, posture: TlsPosture): void;
+//# sourceMappingURL=front-door.d.ts.map

package/node_modules/@noodle-borg/transport-http/dist/front-door.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"front-door.d.ts","sourceRoot":"","sources":["../src/front-door.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAGjE;;;;;GAKG;AACH,MAAM,WAAW,UAAU;IACzB;;;;OAIG;IACH,QAAQ,CAAC,UAAU,CAAC,EAAE,OAAO,CAAC;IAC9B,sGAAsG;IACtG,QAAQ,CAAC,YAAY,CAAC,EAAE,OAAO,CAAC;IAChC;;;OAGG;IACH,QAAQ,CAAC,IAAI,CAAC,EACV,OAAO,GACP;QAAE,aAAa,CAAC,EAAE,MAAM,CAAC;QAAC,iBAAiB,CAAC,EAAE,OAAO,CAAC;QAAC,OAAO,CAAC,EAAE,OAAO,CAAA;KAAE,CAAC;CAChF;AASD;;;;GAIG;AACH,wBAAgB,cAAc,CAAC,GAAG,EAAE,eAAe,EAAE,UAAU,EAAE,OAAO,GAAG,MAAM,GAAG,OAAO,CAc1F;AAED;;;;GAIG;AACH,wBAAgB,YAAY,CAC1B,GAAG,EAAE,eAAe,EACpB,GAAG,EAAE,cAAc,EACnB,OAAO,EAAE,UAAU,GAClB,OAAO,CAiBT;AAED;;;;;GAKG;AACH,wBAAgB,oBAAoB,CAAC,GAAG,EAAE,cAAc,EAAE,OAAO,EAAE,UAAU,GAAG,IAAI,CAWnF"}

package/node_modules/@noodle-borg/transport-http/dist/front-door.js

@@ -0,0 +1,75 @@
+import { JSON_RPC } from '@noodle-borg/protocol';
+const TWO_YEARS_SECONDS = 63_072_000;
+function header(req, name) {
+    const value = req.headers[name];
+    return Array.isArray(value) ? value[0] : value;
+}
+/**
+ * The effective client-facing scheme. With `trustProxy`, read `X-Forwarded-Proto` (first hop) or RFC 7239
+ * `Forwarded: proto=`; otherwise the forwarded headers are ignored and the scheme is `http` (the runtime's
+ * own socket). A trusted proxy that omits the header is treated as `http` (fail safe → enforcement fires).
+ */
+export function effectiveProto(req, trustProxy) {
+    if (!trustProxy)
+        return 'http';
+    const forwardedProto = header(req, 'x-forwarded-proto');
+    if (forwardedProto) {
+        const first = forwardedProto.split(',')[0]?.trim().toLowerCase();
+        if (first === 'https')
+            return 'https';
+        if (first === 'http')
+            return 'http';
+    }
+    const forwarded = header(req, 'forwarded');
+    if (forwarded) {
+        const match = /proto=("?)(https?)\1/i.exec(forwarded);
+        if (match)
+            return match[2]?.toLowerCase() === 'https' ? 'https' : 'http';
+    }
+    return 'http';
+}
+/**
+ * Enforce the HTTPS posture. When `requireHttps` (default = `trustProxy`) and the effective scheme is
+ * plaintext `http`, write a `426 Upgrade Required` (with an `Upgrade` header + transport-level JSON-RPC
+ * error) and return `true` (request handled). Otherwise return `false`.
+ */
+export function enforceHttps(req, res, posture) {
+    const trustProxy = posture.trustProxy ?? false;
+    const requireHttps = posture.requireHttps ?? trustProxy;
+    if (!requireHttps)
+        return false;
+    if (effectiveProto(req, trustProxy) === 'https')
+        return false;
+    res.writeHead(426, {
+        'content-type': 'application/json; charset=utf-8',
+        upgrade: 'TLS/1.2, HTTP/1.1',
+    });
+    res.end(JSON.stringify({
+        jsonrpc: '2.0',
+        id: null,
+        error: { code: JSON_RPC.INVALID_REQUEST, message: 'HTTPS required' },
+    }));
+    return true;
+}
+/**
+ * Host-agnostic baseline security headers for every response (set via `setHeader`, before the body is
+ * written, so they ride along with whatever status follows): `X-Content-Type-Options: nosniff`,
+ * `Referrer-Policy: no-referrer`, `Cache-Control: no-store` (responses carry tokens/JSON), and
+ * `Strict-Transport-Security` when the posture calls for it.
+ */
+export function applySecurityHeaders(res, posture) {
+    res.setHeader('X-Content-Type-Options', 'nosniff');
+    res.setHeader('Referrer-Policy', 'no-referrer');
+    res.setHeader('Cache-Control', 'no-store');
+    const hsts = posture.hsts ?? posture.trustProxy ?? false;
+    if (!hsts)
+        return;
+    const opts = typeof hsts === 'object' ? hsts : {};
+    const parts = [`max-age=${opts.maxAgeSeconds ?? TWO_YEARS_SECONDS}`];
+    if (opts.includeSubDomains ?? true)
+        parts.push('includeSubDomains');
+    if (opts.preload ?? false)
+        parts.push('preload');
+    res.setHeader('Strict-Transport-Security', parts.join('; '));
+}
+//# sourceMappingURL=front-door.js.map

package/node_modules/@noodle-borg/transport-http/dist/front-door.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"front-door.js","sourceRoot":"","sources":["../src/front-door.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAC;AA0BjD,MAAM,iBAAiB,GAAG,UAAU,CAAC;AAErC,SAAS,MAAM,CAAC,GAAoB,EAAE,IAAY;IAChD,MAAM,KAAK,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAChC,OAAO,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;AACjD,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,cAAc,CAAC,GAAoB,EAAE,UAAmB;IACtE,IAAI,CAAC,UAAU;QAAE,OAAO,MAAM,CAAC;IAC/B,MAAM,cAAc,GAAG,MAAM,CAAC,GAAG,EAAE,mBAAmB,CAAC,CAAC;IACxD,IAAI,cAAc,EAAE,CAAC;QACnB,MAAM,KAAK,GAAG,cAAc,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACjE,IAAI,KAAK,KAAK,OAAO;YAAE,OAAO,OAAO,CAAC;QACtC,IAAI,KAAK,KAAK,MAAM;YAAE,OAAO,MAAM,CAAC;IACtC,CAAC;IACD,MAAM,SAAS,GAAG,MAAM,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;IAC3C,IAAI,SAAS,EAAE,CAAC;QACd,MAAM,KAAK,GAAG,uBAAuB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACtD,IAAI,KAAK;YAAE,OAAO,KAAK,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC;IAC3E,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,YAAY,CAC1B,GAAoB,EACpB,GAAmB,EACnB,OAAmB;IAEnB,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,KAAK,CAAC;IAC/C,MAAM,YAAY,GAAG,OAAO,CAAC,YAAY,IAAI,UAAU,CAAC;IACxD,IAAI,CAAC,YAAY;QAAE,OAAO,KAAK,CAAC;IAChC,IAAI,cAAc,CAAC,GAAG,EAAE,UAAU,CAAC,KAAK,OAAO;QAAE,OAAO,KAAK,CAAC;IAC9D,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE;QACjB,cAAc,EAAE,iCAAiC;QACjD,OAAO,EAAE,mBAAmB;KAC7B,CAAC,CAAC;IACH,GAAG,CAAC,GAAG,CACL,IAAI,CAAC,SAAS,CAAC;QACb,OAAO,EAAE,KAAK;QACd,EAAE,EAAE,IAAI;QACR,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,CAAC,eAAe,EAAE,OAAO,EAAE,gBAAgB,EAAE;KACrE,CAAC,CACH,CAAC;IACF,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,oBAAoB,CAAC,GAAmB,EAAE,OAAmB;IAC3E,GAAG,CAAC,SAAS,CAAC,wBAAwB,EAAE,SAAS,CAAC,CAAC;IACnD,GAAG,CAAC,SAAS,CAAC,iBAAiB,EAAE,aAAa,CAAC,CAAC;IAChD,GAAG,CAAC,SAAS,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;IAC3C,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,UAAU,IAAI,KAAK,CAAC;IACzD,IAAI,CAAC,IAAI;QAAE,OAAO;IAClB,MAAM,IAAI,GAAG,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;IAClD,MAAM,KAAK,GAAG,CAAC,WAAW,IAAI,CAAC,aAAa,IAAI,iBAAiB,EAAE,CAAC,CAAC;IACrE,IAAI,IAAI,CAAC,iBAAiB,IAAI,IAAI;QAAE,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;IACpE,IAAI,IAAI,CAAC,OAAO,IAAI,KAAK;QAAE,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACjD,GAAG,CAAC,SAAS,CAAC,2BAA2B,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;AAC/D,CAAC"}

package/node_modules/@noodle-borg/transport-http/dist/handler.d.ts

@@ -0,0 +1,142 @@
+import type { IncomingMessage, ServerResponse } from 'node:http';
+import { type ServedArtifact } from '@noodle-borg/protocol';
+import { type TlsPosture } from './front-door.js';
+import { type Logger } from './logging.js';
+/** Origins allowed to call the endpoint: an explicit list, a predicate, or undefined (allow any). */
+export type OriginPolicy = readonly string[] | ((origin: string) => boolean);
+export interface HttpHandlerOptions {
+    /** The single MCP endpoint path. Default `/mcp`. */
+    readonly endpoint?: string;
+    /**
+     * Allowed `Origin` values (DNS-rebinding protection). When set, a request whose `Origin` header is
+     * present and not allowed gets `403`. When undefined, any origin is allowed (dev only — set this in
+     * production). A request with no `Origin` header (a non-browser client) is always allowed.
+     */
+    readonly allowedOrigins?: OriginPolicy;
+    /** Maximum request body size in bytes. Default 1 MiB. */
+    readonly maxBodyBytes?: number;
+    /**
+     * SHA-256 hash of the per-server caller key. When set, every request must present
+     * `Authorization: Bearer <key>` whose hash matches, or it gets `401` (see {@link mintCallerKey}).
+     * Omit for an open endpoint (dev/single-server use).
+     */
+    readonly callerKeyHash?: string;
+    /** Structured logger for request-lifecycle events (`mcp.request`). Default: a no-op logger. */
+    readonly logger?: Logger;
+    /**
+     * In-app HTTPS posture for a TLS-proxy-terminated deployment (Slice 28, ADR 0033). Default: baseline
+     * security headers only, no HTTPS enforcement and no HSTS (dev / direct bind).
+     */
+    readonly tls?: TlsPosture;
+    /**
+     * Verify an access token for identity-based deployments (OA-1, end-user OAuth). Returns the verified
+     * identity, or `null` when the token is missing/invalid/expired. Injected by the service (backed by
+     * `@noodle-borg/auth` + `jose`), so the transport stays free of any token library. When a deployment uses
+     * an identity access mode and no verifier is configured, the endpoint fails closed (`401`).
+     */
+    readonly verifyOwnerToken?: OwnerTokenVerifier;
+    /**
+     * Authorize a verified identity for a non-owner identity mode. The service injects this callback so
+     * transport stays isolated from the control-plane org/member store.
+     */
+    readonly authorizeDataPlaneIdentity?: DataPlaneIdentityAuthorizer;
+    /**
+     * Verify caller-key access against the current tenant state. When set for tenant-routed requests, this
+     * overrides the static cached `callerKeyHash` so a multi-instance service can rotate or revoke keys
+     * without waiting for every instance-local compiled target cache to refresh.
+     */
+    readonly verifyCallerKeyForTenant?: CallerKeyTenantVerifier;
+    /**
+     * Request admission hook for MCP JSON-RPC requests after authentication and JSON parsing, before SDK
+     * execution. The default is allow; injected policy can log, suspend, quota, or deny per request.
+     */
+    readonly admissionGate?: AdmissionGate;
+}
+/**
+ * Resolve an owner access token to its verified subject (claims only — the raw token never crosses the
+ * front-door). `resource` is the canonical tenant MCP URL the token must be audience-bound to (RFC 8707).
+ */
+export type OwnerTokenVerifier = (token: string, resource: string) => Promise<{
+    readonly subject: string;
+    readonly email?: string;
+} | null>;
+export type DataPlaneIdentityAuthorizer = (input: {
+    readonly accessMode: AccessMode;
+    readonly org: string;
+    readonly subject: string;
+    readonly email?: string;
+}) => Promise<boolean>;
+export type CallerKeyTenantVerifier = (input: {
+    readonly tenant: TenantRouteRef;
+    readonly token: string | null;
+    readonly cachedCallerKeyHash: string | undefined;
+}) => Promise<boolean>;
+export type AdmissionCategory = 'protocol' | 'discovery' | 'read' | 'execute';
+export interface AdmissionContext {
+    readonly routeId: string;
+    readonly method: string;
+    readonly category: AdmissionCategory;
+    readonly name?: string;
+    readonly org?: string;
+    readonly app?: string;
+    readonly env?: string;
+    readonly accessMode?: AccessMode;
+    readonly deploymentId?: string;
+}
+export type AdmissionDecision = {
+    readonly allow: true;
+    readonly reason?: string;
+} | {
+    readonly allow: false;
+    readonly reason: string;
+    readonly status?: 403 | 429;
+};
+export type AdmissionGate = (context: AdmissionContext) => Promise<AdmissionDecision>;
+/** How callers authenticate to a deployed endpoint. */
+export type AccessMode = 'caller-key' | 'owner-only' | 'org-members';
+export interface TenantRouteRef {
+    readonly org: string;
+    readonly app: string;
+    readonly env: string;
+}
+/**
+ * Build a `node:http` request listener that serves one {@link ServedArtifact} over the MCP **Streamable
+ * HTTP** transport (the remote transport). This is the security/HTTP front-door: it validates origin,
+ * method, content negotiation, and body size, then hands the parsed JSON-RPC body to the official
+ * `@modelcontextprotocol/sdk` stateless transport ([ADR 0021]), which owns framing and version
+ * negotiation. It is **stateless** — no `MCP-Session-Id` is issued. Server-initiated streaming (SSE)
+ * is not offered, so `GET` returns `405`.
+ */
+export declare function createMcpHttpHandler(target: ServedArtifact, options?: HttpHandlerOptions): (req: IncomingMessage, res: ServerResponse) => void;
+/** A resolved tenant: its served artifact plus how callers authenticate to it. */
+export interface ServedTarget {
+    readonly served: ServedArtifact;
+    /** Per-server caller-key hash (Slice 24, ADR 0030) — used when {@link accessMode} is `caller-key`. */
+    readonly callerKeyHash?: string;
+    /** How callers authenticate. Default `caller-key` (the shared per-server bearer). */
+    readonly accessMode?: AccessMode;
+    /**
+     * For `owner-only` (OA-1): the deployer's subject — the only identity permitted to call this endpoint.
+     * Resolved against a verified owner token by {@link HttpHandlerOptions.verifyOwnerToken}.
+     */
+    readonly ownerSubject?: string;
+    /** Tenant org used by org-scoped identity access modes. */
+    readonly org?: string;
+}
+/**
+ * Resolve a {@link ServedTarget} for a given server id. **Async** (ADR 0036): on a cache miss the resolver
+ * may point-read a durable store and recompile, so any instance can serve any deploy. It resolves to
+ * `undefined` when there is no such server (→ `404`); a thrown error (store/compile failure) becomes a
+ * `500`. Used by {@link createMcpRouter} to serve many tenants from one process.
+ */
+export type ServerLookup = (deploymentId: string) => Promise<ServedTarget | undefined>;
+export type TenantLookup = (ref: TenantRouteRef) => Promise<ServedTarget | undefined>;
+/**
+ * Build a `node:http` request listener that serves **many** tenants over MCP Streamable HTTP, routing
+ * by tenant paths. Each request reuses the same stateless pipeline as
+ * {@link createMcpHttpHandler}; an unknown path or unknown server id returns `404`.
+ */
+export declare function createMcpRouter(lookup: ServerLookup, options?: HttpHandlerOptions & {
+    readonly tenantLookup?: TenantLookup;
+}): (req: IncomingMessage, res: ServerResponse) => void;
+//# sourceMappingURL=handler.d.ts.map

package/node_modules/@noodle-borg/transport-http/dist/handler.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"handler.d.ts","sourceRoot":"","sources":["../src/handler.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AACjE,OAAO,EAAiC,KAAK,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAE3F,OAAO,EAIL,KAAK,UAAU,EAChB,MAAM,iBAAiB,CAAC;AACzB,OAAO,EAAE,KAAK,MAAM,EAAc,MAAM,cAAc,CAAC;AAEvD,qGAAqG;AACrG,MAAM,MAAM,YAAY,GAAG,SAAS,MAAM,EAAE,GAAG,CAAC,CAAC,MAAM,EAAE,MAAM,KAAK,OAAO,CAAC,CAAC;AAE7E,MAAM,WAAW,kBAAkB;IACjC,oDAAoD;IACpD,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAC3B;;;;OAIG;IACH,QAAQ,CAAC,cAAc,CAAC,EAAE,YAAY,CAAC;IACvC,yDAAyD;IACzD,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAC/B;;;;OAIG;IACH,QAAQ,CAAC,aAAa,CAAC,EAAE,MAAM,CAAC;IAChC,+FAA+F;IAC/F,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IACzB;;;OAGG;IACH,QAAQ,CAAC,GAAG,CAAC,EAAE,UAAU,CAAC;IAC1B;;;;;OAKG;IACH,QAAQ,CAAC,gBAAgB,CAAC,EAAE,kBAAkB,CAAC;IAC/C;;;OAGG;IACH,QAAQ,CAAC,0BAA0B,CAAC,EAAE,2BAA2B,CAAC;IAClE;;;;OAIG;IACH,QAAQ,CAAC,wBAAwB,CAAC,EAAE,uBAAuB,CAAC;IAC5D;;;OAGG;IACH,QAAQ,CAAC,aAAa,CAAC,EAAE,aAAa,CAAC;CACxC;AAED;;;GAGG;AACH,MAAM,MAAM,kBAAkB,GAAG,CAC/B,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,KACb,OAAO,CAAC;IAAE,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,IAAI,CAAC,CAAC;AAE3E,MAAM,MAAM,2BAA2B,GAAG,CAAC,KAAK,EAAE;IAChD,QAAQ,CAAC,UAAU,EAAE,UAAU,CAAC;IAChC,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;CACzB,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;AAEvB,MAAM,MAAM,uBAAuB,GAAG,CAAC,KAAK,EAAE;IAC5C,QAAQ,CAAC,MAAM,EAAE,cAAc,CAAC;IAChC,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IAC9B,QAAQ,CAAC,mBAAmB,EAAE,MAAM,GAAG,SAAS,CAAC;CAClD,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;AAEvB,MAAM,MAAM,iBAAiB,GAAG,UAAU,GAAG,WAAW,GAAG,MAAM,GAAG,SAAS,CAAC;AAE9E,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,QAAQ,EAAE,iBAAiB,CAAC;IACrC,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,GAAG,CAAC,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,GAAG,CAAC,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,GAAG,CAAC,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,UAAU,CAAC,EAAE,UAAU,CAAC;IACjC,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;CAChC;AAED,MAAM,MAAM,iBAAiB,GACzB;IAAE,QAAQ,CAAC,KAAK,EAAE,IAAI,CAAC;IAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,GAClD;IAAE,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAC;IAAC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,GAAG,GAAG,GAAG,CAAA;CAAE,CAAC;AAEpF,MAAM,MAAM,aAAa,GAAG,CAAC,OAAO,EAAE,gBAAgB,KAAK,OAAO,CAAC,iBAAiB,CAAC,CAAC;AAEtF,uDAAuD;AACvD,MAAM,MAAM,UAAU,GAAG,YAAY,GAAG,YAAY,GAAG,aAAa,CAAC;AAErE,MAAM,WAAW,cAAc;IAC7B,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;CACtB;AAKD;;;;;;;GAOG;AACH,wBAAgB,oBAAoB,CAClC,MAAM,EAAE,cAAc,EACtB,OAAO,GAAE,kBAAuB,GAC/B,CAAC,GAAG,EAAE,eAAe,EAAE,GAAG,EAAE,cAAc,KAAK,IAAI,CA2CrD;AAED,kFAAkF;AAClF,MAAM,WAAW,YAAY;IAC3B,QAAQ,CAAC,MAAM,EAAE,cAAc,CAAC;IAChC,sGAAsG;IACtG,QAAQ,CAAC,aAAa,CAAC,EAAE,MAAM,CAAC;IAChC,qFAAqF;IACrF,QAAQ,CAAC,UAAU,CAAC,EAAE,UAAU,CAAC;IACjC;;;OAGG;IACH,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAC/B,2DAA2D;IAC3D,QAAQ,CAAC,GAAG,CAAC,EAAE,MAAM,CAAC;CACvB;AAED;;;;;GAKG;AACH,MAAM,MAAM,YAAY,GAAG,CAAC,YAAY,EAAE,MAAM,KAAK,OAAO,CAAC,YAAY,GAAG,SAAS,CAAC,CAAC;AACvF,MAAM,MAAM,YAAY,GAAG,CAAC,GAAG,EAAE,cAAc,KAAK,OAAO,CAAC,YAAY,GAAG,SAAS,CAAC,CAAC;AAMtF;;;;GAIG;AACH,wBAAgB,eAAe,CAC7B,MAAM,EAAE,YAAY,EACpB,OAAO,GAAE,kBAAkB,GAAG;IAAE,QAAQ,CAAC,YAAY,CAAC,EAAE,YAAY,CAAA;CAAO,GAC1E,CAAC,GAAG,EAAE,eAAe,EAAE,GAAG,EAAE,cAAc,KAAK,IAAI,CA6DrD"}